开发者

Can't use sha1 inside class definition?

开发者 https://www.devze.com 2022-12-12 00:06 出处:网络
I\'m working on a login class in PHP. I have the following line inside a class definition: private $salty = sha1(\'salty\');

I'm working on a login class in PHP. I have the following line inside a class definition:

private $salty = sha1('salty');

...which is giving me the following error:

"Parse error: parse error,开发者_Go百科 expecting ','' or';'' in C:\xampp\htdocs\test\includes\jaLogin.php on line 26"

I've tried using this line outside of the class definition and it works fine, it's only when I use it inside the class definition that I get a problem.

If I remove the word "private" I get a slightly different error:

Parse error: parse error, expecting `T_FUNCTION' in C:\xampp\htdocs\test\includes\jaLogin.php on line 26

I feel like I'm missing something obvious...


You can't use function-calls to initialize class member variables.

class YourClass
{
    private $salty;

    public function __construct()
    {
        $this->salty = sha1('salty');
    }
}

is the one way to initialize your variable.

EDIT

Even, e.g., a simple concatenation of two constant strings is not allowed (protected $_string = 'Hello ' . 'World!';). The evaluation of class properties happens at compile time, so the usage of constructs that depend on run-time information is illegal.

[...] This declaration may include an initialization, but this initialization must be a constant value--that is, it must be able to be evaluated at compile time and must not depend on run-time information in order to be evaluated.

(Properties)


Just declare the variable as null and then initialize it in your constructor.

private $salty = null

function __construct() {
    $this->salty = sha1('salty');
}


$sha1() won't function because you're trying to handle a function as a variable.

And when you're working on a better login mechanism why not start using:

$this->salty = hash("SHA512", "salty");

Additionally you can create a salt hash and add it with your password. This addition gives you a little overhead because you will have to save the salt in a db-table too and retreive and combine it when you are validation (user)credentials.

Hope it helps you!

0

精彩评论

暂无评论...
验证码 换一张
取 消